EUVD-2024-41738

Malicious code in bioql PyPI...

CVE-2023-52970

MariaDB Server 10.4 through 10.5., 10.6 through 10.6., 10.7 through 10.11., 11.0 through 11.0., and 11.1 through 11.4. crashes in Itemdirectviewref::derivedfieldtransformerforwhere...

CVE-2024-45736

In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403.107, 9.1.2312.204, and 9.1.2312.111, a low-privileged user that does not hold the "admin" or "power" Splunk roles could craft a search query with an improperly formatted "INGESTEVAL"...

CVE-2024-45736

In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403.107, 9.1.2312.204, and 9.1.2312.111, a low-privileged user that does not hold the "admin" or "power" Splunk roles could craft a search query with an improperly formatted "INGESTEVAL"...

CVE-2024-45736

CVE-2024-45736 affects Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6, and Splunk Cloud Platform versions below 9.2.2403.107, 9.1.2312.204, and 9.1.2312.111. A low-privileged user without admin/power roles can craft a search query with an improperly formatted INGEST_EVAL parameter in a ...

CVE-2024-45736 Improperly Formatted ‘INGEST_EVAL’ Parameter Crashes Splunk Daemon

In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403.107, 9.1.2312.204, and 9.1.2312.111, a low-privileged user that does not hold the "admin" or "power" Splunk roles could craft a search query with an improperly formatted "INGESTEVAL"...

Splunk Enterprise 9.1.0 < 9.1.6, 9.2.0 < 9.2.3, 9.3.0 < 9.3.1 (SVD-2024-1006)

The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2024-1006 advisory. - In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403.107,...

Splunk Enterprise 8.1 < 8.1.13, 8.2.0 < 8.2.10, 9.0.0 < 9.0.4 (SVD-2023-0211)

The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2023-0211 advisory. - In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, an improperly-formatted INGESTEVAL' parameter in a Field...

CVE-2023-22941

In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, an improperly-formatted ‘INGESTEVAL’ parameter in a Field Transformation crashes the Splunk daemon splunkd...

CVE-2023-22941

In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, an improperly-formatted ‘INGESTEVAL’ parameter in a Field Transformation crashes the Splunk daemon splunkd...

Design/Logic Flaw

In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, an improperly-formatted ‘INGESTEVAL’ parameter in a Field Transformation crashes the Splunk daemon splunkd...

CVE-2023-22941

CVE-2023-22941 affects Splunk Enterprise: versions prior to 8.1.13, 8.2.10, and 9.0.4 are vulnerable due to an improperly formatted INGEST_EVAL parameter in a Field Transformation, which can crash the splunkd daemon. The issue is rooted in input parsing of INGEST_EVAL/INGEST EVAL and has the pote...

PT-2023-18785 · Splunk · Splunk Enterprise

Name of the Vulnerable Software and Affected Versions: Splunk Enterprise versions prior to 8.1.13 Splunk Enterprise versions prior to 8.2.10 Splunk Enterprise versions prior to 9.0.4 Description: An improperly-formatted INGEST EVAL parameter in a Field Transformation can cause the Splunk daemon...